net-dialup/ppp-2.4.2-r5 has a dependency on <=net-libs/libpcap-0.7.2-r1 which is vulnerable to the problem outlined in GLSA 200404-03. ppp should be patched to work with the newer version of libpcap
Jeremy, I'm reassigning this to net-dialup to fix/port. Add security@ if to the CC: if you think it needs to be added otherwise letting the maintainer of the package should handle this.
Adding myself to the CC: so I can watch the follow up to this bug.
net-libs/libpcap-0.7.2-r1 provides /usr/include/net/bpf.h which the newer versions don't have. Copying the /usr/include/net/bpf.h from the old version of libpcap made ppp-2.4.2-r5 compile. Netmon people - can this be fixed in libpcap? Note that: qpkg -f -v /usr/include/nessus/net/bpf.h net-analyzer/nessus-libraries-2.0.12 * The libpcap version of the header file contains C++ support, BSD support and a lot of other definations. I don't have much time to work on this. Assignments due on 14th. Feel free to change ppp to work as per my devaway message.
why not putting sed -e "s:net/bpf.h:pcap-bpf.h:" in ppp's ebuild?
correction: sed -e 's:net/bpf\.h:pcap-bpf.h:'
Netmons - ignore request - problem solved. Alin thanks for the fix. Solved in 2.4.2-r5
